摘要 |
A method for distributing private keys and certificates to cryptographic devices (1). According to the invention the method comprises the steps of: providing a first CA-system (5) at the manufacture of the devices; providing a temporary private key and a temporary certificate from the first CA-system (5) to each device (1) during the manufacturing of the device (1); delivering said devices (1) to customers; providing a second CA-system (11) at a customer node (10), this being performed at this process step or earlier in the process; for each delivered cryptographic device: connecting the device to a network, which is reachable from the customer node (10); authenticating the device as being from said manufacture; automatically replacing the temporary private key and the temporary certificate with a new private key and a new certificate and also automatically providing the device with a CA-certificate, the new certificates being signed by the second CA-system (11) which is notified of the connection of the device (1) as soon as the device (1) has connected to the network. |